"Cybersecurity should be a platform, not a single product."
Lee Klarich, CPO, Palo Alto Networks
Latest articles
NAC (Network Access Control) Adoption Self-Assessment
Does adopting NAC (Network Access Control) actually improve security? Goal: “We analyze whether a NAC solution is an indispensable part of strengthening security or whether it brings unnecessary management overhead. As mere IP-based access control or an anti-hacking measure...
Is Adopting NAC (Network Access Control) Necessary? We Propose Efficient Alternatives
Is adopting a NAC (Network Access Control) solution necessary? A realistic review. Goal: “In information security, proactive response is essential. However, excessive proactive response can actually cause important security threats to be overlooked. In this article, NAC-based proactive IP...
Red Team vs Blue Team: Which Side Has the Advantage?
The fight between the red team and the blue team: is it really a "spear and shield" relationship? The fight between hackers and the blue team is often likened to a "spear and shield." Hackers keep evolving, and the blue team must continuously strengthen its defensive systems to counter them.
Dietrich Bonhoeffer's Theory of Stupidity
Dietrich Bonhoeffer's "Theory of Stupidity" 1. Background: Dietrich Bonhoeffer (1906-1945) was a German theologian and philosopher who was executed for resisting the Nazi regime. His book "Resistance and Submission" (Widerstand und...
Information Security Product Selection Checklist
Information security product selection checklist. Information security staff often face many challenges when selecting appropriate security products. We therefore provide a checklist that helps organize what to look at and which criteria to evaluate against when choosing a security product.
Traditional SOC vs. the PLURA-XDR Platform
A traditional SOC (Security Operation Center) and PLURA-XDR are alike in that both serve as a company's security monitoring setup, but they differ greatly in deployment cost, operational efficiency, and essential role. PLURA-XDR goes beyond mere monitoring to integrated threat prevention and...
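Heading for Mars: Musk's Giant Puzzle
Introduction: Elon Musk's creative motivation: building a Mars colony. Elon Musk's ultimate goal is to build a colony on Mars where humans can live. However, Mars has no existing infrastructure at all and poses extreme environmental problems such as radiation, low temperatures, and low atmospheric pressure. Solving this requires transportation, energy, communications, artificial intelligence, ...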
Understanding Firewalls Correctly
Firewalls: the linchpin of internal protection and traffic management. In an on-premises environment, protecting the internal network and managing inbound and outbound traffic are important tasks that the firewall must handle.
Zero-Day Attack Response Strategy
In recent years cybersecurity threats have become increasingly sophisticated, and conventional signature-based detection alone is no longer enough. Zero-day attacks and unknown attacks are carried out with new techniques that security systems do not recognize in advance, and conventional security...
Why Is Complete Web Log Analysis Important?
In recent years security threats have become increasingly sophisticated, and attack techniques that proceed covertly over multiple steps are on the rise. Rather than focusing only on particular requests (GET/POST), analyzing the traffic logs of the entire web yields deeper and broader security information. In this article, ...
Strengthening Supply Chain Security with PLURA-XDR
Campaign: strengthening supply chain security with PLURA-XDR. 1. Background of the proposal: growing threats to supply chain security. In recent years, as cooperation between companies has grown more complex, cyberattacks targeting the supply chain have surged. In particular, between large enterprises and their partner companies, ...
The On-Premises DDoS Era Is Over
The era of fending off DDoS on-premises is over. DDoS (distributed denial-of-service) attacks have diversified from volumetric attacks that use massive traffic to application-layer (L7) attacks, and web services have become the main target. Publicly exposed web...
Judge Whether You Have Been Hacked in One Minute: PLURA-XDR's Instant Visibility
One minute is enough to determine whether you have been hacked. The most important element of cybersecurity today is rapid detection and response. When a hacking incident occurs, even a slight delay can cause enormous damage. So how long does it take to determine whether a hack has occurred? The answer is one minute...
Choose Only the Security You Need: PLURA vs. Existing Security Solutions
The problem with typical security solutions. The factor companies weigh most heavily when adopting a security solution is cost-effectiveness. There are many kinds of security solutions, such as firewalls, EDR, SIEM, and WAF, but in many cases less than 20% of their features are actually used. The problem is, ...
Copied System Files: Do They Look the Same to Security Solutions?
Masquerading: how do security solutions tell legitimate files from malware? Cyberattacks are becoming ever more sophisticated, and among them the masquerading technique is, for evading security solutions, a very...
Process Hollowing: Attack Technique and Detection Strategy
1. What is Process Hollowing? Process Hollowing is a sub-technique of Process Injection, classified as T1055.012, that corrupts the memory address space of a legitimate process in order to run malware. Mainly privilege escalation and detection evasion...
Understanding Knowledge Distillation, as Prompted by Deep Seek
As making deep learning models lightweight becomes ever more important, knowledge distillation is attracting a great deal of attention. This technique "distills" the knowledge learned by a large Teacher model and transfers it to a lighter Student model, so that inference speed and memory usage are greatly...
Large Language Model (LMM) Trend Analysis
The Large Multimodal Model (LMM) is one of the most closely watched areas in the AI industry in recent years. Advanced Transformer-based language, image, and audio models have been developed, and their use across industries is growing rapidly. In particular, OpenAI...
How Many Users Can Use an Inline WAF in an On-Premises Environment?
A web application firewall (WAF) is essential for strengthening the security of web applications in an on-premises environment. WAF deployment falls broadly into two types, inline mode and reverse proxy mode, and companies choose the one best suited to their own environment. Here, actual on-premises...
Quantum Computing: Current Status and Potential
At present, algorithms are not fully worked out in every field, and in many cases the work remains at a research stage based on potential. In some fields, however, concrete algorithms have already been developed and their practical applicability has been confirmed. These can be classified as follows:
Introduction to Qubit (Quantum) Algorithms
Qubit (quantum) algorithms are currently at an early stage, with research centered on theoretical potential. Some algorithms have already been developed and show a potential advantage on specific problems, but most applications are still experimental. Even as hardware advances, real industrial applications are still limited...
Do Small and Mid-Sized Enterprises Really Need IPS/NDR?
Assuming a small and mid-sized enterprise environment, the question "Are they really necessary?" about the network-based security solutions NIPS (Network-based Intrusion Prevention System) and NDR (Network Detection & Response) is once again...
Overview of Responding to Data-Leak Hacking via the Web
The ultimate purpose of hacking is data exfiltration. The targets are customer information, personal information, and a company's important assets. This is because data-leak hacking is a business aimed at financial gain. For the company that is hacked, meanwhile, the result is heavy financial loss and a spreading negative corporate image. Fines, class-action damages, ...
The Evolution of IPS and Changes in the Security Environment
An intrusion prevention system (IPS) is an important component of security technology: it detects and blocks a variety of threats on networks and hosts (servers, PCs, and so on). However, the following major changes have greatly altered the security environment...
Windows Defender Is Sufficient for Viruses on PCs and Servers
Are you still using traditional antivirus? Many companies and individuals still use "traditional antivirus" (AV). But now that cyber threats grow more sophisticated by the day, traditional AV cannot reliably cope. Microsoft...
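The Difference Between Security and Insurance
What is the difference between security and insurance? Security and insurance are alike in that both prepare for risk, but they differ markedly in cost, company growth, and essential role. PLURA-XDR does not merely prepare for risk; it supports a company's sustained growth and efficient operation, and in that respect it is fundamentally different from insurance...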
Respond Quickly with PLURA Forensics
The importance of corporate security. In modern society, corporate security is no longer optional but mandatory. Cyberattacks are unpredictable, and taking a long time to identify the cause of a problem when one occurs can lead to fatal consequences. With PLURA Forensics, however, such worries can be reduced...
The Importance of a Cloud Security Platform for Responding to Hacking Incidents
Hacking incidents and the importance of security. Hacking incidents have recently occurred one after another, with the damage spreading to companies and government agencies. With secondary damage from information leaks a concern, the importance of security solutions is being stressed more than ever. To resolve this situation, rather than an installed security program...
Pros and Cons of Web Application Firewalls: Hardware vs Software
When building a web application firewall (WAF), it is very important to compare the hardware-based and software-based options. How well each approach fits depends on the organization's security requirements, budget, and infrastructure. 1. Pros and cons of a hardware-based WAF. Advantages: Perfor...
[WEB] Webshell Attacks and the create_function Function Vulnerability
Overview of webshells. A webshell is a malicious script uploaded to a web server that lets an attacker control the server remotely. This makes it possible to access the server's file system and execute commands. Main functions: File management:...
Checking Microsoft Defender Antivirus Logs in PLURA
What is Microsoft Defender Antivirus? Microsoft Defender Antivirus is the antivirus software component built into Microsoft Windows.[1] Defender records its detection results in logs, and PLURA collects these logs...
The Limits of NDR: An Impossible Mission
NDR (Network Detection and Response) is established as a network security technology, but it has limits that are inherently hard to overcome. Structural constraints on analyzing encrypted traffic, the difficulty of detecting advanced threats, and so on: we dig into these challenges in detail, and why they are hard to overcome...
Understanding Intrusion Prevention Systems (IPS)
An intrusion prevention system (IPS) is a technology that detects and blocks, in advance, the various security threats that arise on networks and hosts. However, viewing IPS merely as a product or a feature cannot adequately explain today's complex security environment...
Responding to Xiaoqiying Hacking Attacks
Xiaoqiying is a hacking group known to operate for the purpose of cyber espionage and large-scale information gathering. This article explains Xiaoqiying's activities and objectives, and effective security countermeasures.
Is Changing the Response Status Value Necessary for Security?
In web server administration, does configuring the server to always return a response value of "200" help information security? Let's look at the debate surrounding this, along with the recommended countermeasures.
[WEB] Responding to Admin Page Exposure
Overview: Admin page exposure refers to a state in which an admin page that should be protected from access by unauthorized users and attackers is exposed externally. Such exposure creates a serious security risk.
[Windows] Responding to Shared Folder Vulnerabilities
Overview: In the Windows operating system, the following shared folders are configured by default for administrative purposes:
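[Apache Tomcat] Countermeasures Against Version Information Disclosure
Overview: With its default configuration, Apache Tomcat can disclose the server's version information when an error occurs. Because this raises the risk of an attacker exploiting vulnerabilities in the server, a configuration that hides the version information is needed.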
Running a Website Without a Web Firewall Is Like Driving Without a Seat Belt.
The threat of web attacks. 80% of all cyberattacks start with a web attack. 70% of ransomware attacks occur via the web. The web is the center of modern business and, at the same time, one of the weaknesses hackers target most.
Basic Principles of Zero Trust Architecture (ZTA)
Zero Trust Architecture (ZTA) is designed and deployed according to the following basic principles in order to strengthen security and respond to threats. It is a strategic approach to strengthening security posture that gives top priority to protecting the organization's resources and data.
Logical Components of Zero Trust Architecture (ZTA)
1. Policy Engine (PE) Role: Decides whether to grant a subject access to a resource. Function: Grants, denies, or revokes access based on external sources (e.g., CDM systems, threat intelligence) and enterprise policy. Works together with the Policy Administrator (PA)...
Can Web Service Vulnerabilities Be Addressed?
Given the seriousness of web attacks, what approaches are there for remediating web service vulnerabilities? Web services are exposed to a variety of threats, and a systematic, practical security strategy is needed to deal with them.
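Analysis of the Storage Growth Rate When Saving Request-Body Logs
Traditionally, a web server's access log (access.log) does not include the request body (Post-body). This is because body logging is not provided in the default configuration and because of concern about the storage growth that body logs cause. However, body logs prevent web application firewall (WAF) evasion attacks...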
Response Strategy for Web Firewall Bypass Attacks
The web application firewall (WAF) is the linchpin of web system protection. However, without an effective response strategy for evasion attacks, malicious traffic may reach the web system without being detected or blocked. Let's look at the measures for preventing this.
WAF vs IPS vs UTM: Choosing the Best Defense Solution for Web Attacks
What is the best security solution for dealing with web attacks? Comparing the main features, strengths, and weaknesses of WAF (Web Application Firewall), IPS (Intrusion Prevention System), and UTM (Unified Threat Management)...
PassGAN: Understanding AI-Based Password Cracking and Response Strategy
PassGAN is a powerful tool used for password cracking, built on AI technology that makes use of a GAN (Generative Adversarial Network). This article analyzes how PassGAN works and the security threat it poses, and proposes effective countermeasures.
Kubernetes (k8s) and PLURA
0. Overview: PLURA is an integrated security event management (SIEM) service that provides log generation, collection, analysis, and anomaly detection for the following. Operating systems: event logs, syslog, auditlog. Web servers: access logs (including request body and response body). Appli...
Hacking Investigation Through Log Analysis: A Myth?
When a hacking attack occurs, log analysis is carried out in most cases. This is presumably because log analysis is thought to reveal how the hack was carried out and which data was leaked. However, logs are not generated on their own. The user's work of configuring an audit policy must always come first...
An Understanding of Intrusion Prevention Systems (IPS)
An intrusion prevention system (IPS) is an important element of network security and is combined with network-based and host-based security solutions to deal with a variety of threats. However, IPS has limitations in analyzing encrypted packets...
Responding to Credential Stuffing Attacks
"This content is a compilation of a Q&A with ChatGPT. No part written by ChatGPT has been arbitrarily modified." Q1. Please explain credential stuffing attacks. In a credential stuffing attack, large lists of IDs and passwords...